Lucene search
K

26 matches found

RedhatCVE
RedhatCVE
added 2025/12/19 8:18 p.m.7 views

CVE-2023-53940

Codigo Markdown Editor 1.0.1 contains a code execution vulnerability that allows attackers to run arbitrary system commands by crafting a malicious markdown file. Attackers can embed a video source with an onerror event that executes shell commands through Node.js childprocess module when the fil...

8.4CVSS7.8AI score0.00166EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:57 p.m.5 views

CVE-2023-53940 Codigo Markdown Editor 1.0.1 Electron Arbitrary Code Execution via Markdown File

Codigo Markdown Editor 1.0.1 contains a code execution vulnerability that allows attackers to run arbitrary system commands by crafting a malicious markdown file. Attackers can embed a video source with an onerror event that executes shell commands through Node.js childprocess module when the fil...

8.4CVSS7.5AI score0.00166EPSS
Exploits0References3
CVE
CVE
added 2025/12/18 7:57 p.m.11 views

CVE-2023-53940

CVE-2023-53940 affects Codigo Markdown Editor 1.0.1 (Electron). The vulnerability arises from handling of markdown files where an embedded video source with an onerror event can trigger arbitrary shell commands via Node.js child_process, enabling code execution when the file is opened. Public ind...

8.4CVSS7.5AI score0.00166EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.6 views

Codigo 代码注入漏洞

Codigo is a Markdown editor by the individual developer Alfonz Montelibano. A code injection vulnerability exists in Codigo version 1.0.1, which stems from the ability to execute arbitrary system commands that could lead to remote code execution...

8.4CVSS8.7AI score0.00166EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-4662

Malware in sbrugna...

7.5CVSS6.4AI score0.01707EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2025/09/05 2:32 p.m.7 views

CVE-2025-10012 Portabilis i-Educar educar_historico_escolar_lst.php sql injection

A security vulnerability has been detected in Portabilis i-Educar up to 2.10. The impacted element is an unknown function of the file educarhistoricoescolarlst.php. Such manipulation of the argument refcodaluno leads to sql injection. The attack can be executed remotely. The exploit has been...

6.5CVSS6.4AI score0.0037EPSS
Exploits1References5
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-17439 Malicious code in como-espiar-whatsapp-sin-codigo-qr (npm)

The package como-espiar-whatsapp-sin-codigo-qr was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in como-espiar-whatsapp-sin-codigo-qr (npm)

The package como-espiar-whatsapp-sin-codigo-qr was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/13 6:15 p.m.7 views

CVE-2025-8919

A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross site scripting. It is possible to launch...

4.8CVSS3.9AI score0.00293EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/08/13 5:32 p.m.4 views

CVE-2025-8919 Portabilis i-Diario History objetivos-de-aprendizagem-e-habilidades cross site scripting

A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross site scripting. It is possible to launch...

4.8CVSS6.2AI score0.00293EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/08/13 5:32 p.m.15 views

CVE-2025-8919 Portabilis i-Diario History objetivos-de-aprendizagem-e-habilidades cross site scripting

A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross site scripting. It is possible to launch...

4.8CVSS0.00293EPSS
Exploits1References5
CVE
CVE
added 2025/08/13 5:32 p.m.33 views

CVE-2025-8919

Portabilis i-Diario (History Page component) up to version 1.6 is affected by a cross-site scripting vulnerability in the /objetivos-de-aprendizagem-e-habilidades file. The issue arises from manipulation of the código/objetivo habilidade parameter in an unknown function of the History Page, allow...

4.8CVSS6.2AI score0.00293EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.10 views

PT-2025-33059 · Portabilis · Portabilis I-Diario

Name of the Vulnerable Software and Affected Versions: Portabilis i-Diario versions prior to 1.7 Description: A cross-site scripting issue exists in Portabilis i-Diario due to manipulation of the código/objetivo habilidade argument within an unknown function of the...

4.8CVSS6.7AI score0.00293EPSS
Exploits1References8
CNVD
CNVD
added 2021/03/29 12:0 a.m.7 views

Testes de Codigo Elevation of Privilege Vulnerability

Testesdecodigogratis Testes de Codigo is a mobile application from Testesdecodigogratis in Portugal that provides users with driver's license learning. A security vulnerability exists in Testes de Codigo 11.4 and prior that allows an attacker to tamper with the Boolean values of the parameters...

9.8CVSS7AI score0.01167EPSS
Exploits0References1
OSV
OSV
added 2021/02/16 3:15 p.m.5 views

CVE-2021-25648

Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters "isAdmin" and "isPremium" located on device storage...

9.8CVSS7.3AI score0.01167EPSS
Exploits0References1
Prion
Prion
added 2021/02/16 3:15 p.m.12 views

Design/Logic Flaw

Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters "isAdmin" and "isPremium" located on device storage...

7.5CVSS9.5AI score0.01167EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/02/16 2:45 p.m.36 views

CVE-2021-25648

CVE-2021-25648 affects the mobile app Testes de Codigo (versions 11.4 and prior). The issue allows an attacker to gain access to the administrative interface and premium features by tampering the Boolean flags isAdmin and isPremium stored on the device, effectively enabling privilege escalation w...

9.8CVSS9.5AI score0.01167EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/02/16 12:0 a.m.7 views

PT-2021-16726 · Unknown · Testes De Codigo

Name of the Vulnerable Software and Affected Versions: Testes de Codigo versions 11.4 and prior Description: The issue allows an attacker to gain access to the administrative interface and premium features by tampering with the boolean value of parameters isAdmin and isPremium located on device...

9.8CVSS9.5AI score0.01167EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/02/16 12:0 a.m.5 views

Testesdecodigogratis Testes de Codigo 安全漏洞

Testesdecodigogratis Testes de Codigo is a mobile application from Testesdecodigogratis in Portugal that provides users with driver's license learning. A security vulnerability exists in Testes de Codigo 11.4 and prior that allows an attacker to tamper with the Boolean values of the parameters...

9.8CVSS7.3AI score0.01167EPSS
Exploits0References2
Prion
Prion
added 2021/01/28 7:15 p.m.12 views

Cross site scripting

Mobile application "Testes de Codigo" v11.3 and prior allows stored XSS by injecting a payload in the "feedback" message field causing it to be stored in the remote database and leading to its execution on client devices when loading the "feedback list", either by accessing the website directly o...

3.5CVSS5.4AI score0.00746EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder